After a standard system upgrade you need to reboot your computer toeffect the necessary changes.

Details follow:

Philipp Richter discovered that the AppleTalk protocol handler didnot sufficiently verify the length of packets. By sending a craftedAppleTalk packet, a remote attacker could exploit this to crash thekernel. (CVE-2007-1357)

Gabriel Campana discovered that the do_ipv6_setsockopt() function didnot sufficiently verifiy option values for IPV6_RTHDR. A localattacker could exploit this to trigger a kernel crash. (CVE-2007-1388)

A Denial of Service vulnerability was discovered in thenfnetlink_log() netfilter function. A remote attacker could exploitthis to trigger a kernel crash. (CVE-2007-1496)

The connection tracking module for IPv6 did not properly handle thestatus field when reassembling fragmented packets, so that the finalpacket always had the 'established' state. A remote attacker couldexploit this to bypass intended firewall rules. (CVE-2007-1497)

Masayuki Nakagawa discovered an error in the flowlabel handling ofIPv6 network sockets. A local attacker could exploit this to crashthe kernel. (CVE-2007-1592)

The do_dccp_getsockopt() function did not sufficiently verify theoptlen argument. A local attacker could exploit this to read kernelmemory (which might expose sensitive data) or cause a kernel crash.This only affects Ubuntu 7.04. (CVE-2007-1730)

The IPv4 and DECnet network protocol handlers incorrectly declaredan array variable so that it became smaller than intended. By sendingcrafted packets over a netlink socket, a local attacker could exploitthis to crash the kernel. (CVE-2007-2172)